If Facebook buys a security company, how will it retain the staff who absolutely hate Facebook?

According to The Information Facebook is planning to acquire a cybersecurity firm:

“In an effort to repair its tattered reputation around data protection, Facebook is stepping up efforts to acquire a major cybersecurity firm, according to four people familiar with the matter.

“Facebook has approached several security firms about an acquisition, two of the people said, although neither would identify the companies as discussions are still underway. One of the people said a deal could happen by the end of the year.”

The Information is right about Facebook’s scorched reputation when it comes to data privacy and security. This year has seen a number of disturbing revelations, as well as a growing understanding amongst users of just how the site exploits people’s private information.

However, the issue I find interesting is if Facebook did actually acquire a company brimming with security boffins, there’s a good chance that a fair proportion of them would be very privacy-minded. And it’s quite possible that a good number of them would rather pull their toenails out with pliers than find that their new boss is Mark Zuckerberg.

People who believe in internet security and privacy tend to have quite a dim view of those companies who have made billions duping users into over-sharing their personal data. They have strongly-held opinions, and the way in which they are viewed by their peers is important to them. Put simply - the last thing they may want is to have to admit to their mates that they work for Facebook.

And don’t think that throwing money at cybersecurity experts is necessarily enough to keep them happy. For many, security and privacy isn’t just a job. It’s a fundamental belief that counts for more than a fat wage cheque. And hey, it’s not as though security and privacy experts can’t get a well-compensated job elsewhere.

I imagine there would be a very real risk of a brain drain in the months after an acquisition by Facebook…

Facebook’s Chief Security Officer Alex Stamos - who was well-respected within the IT security industry - left the company earlier this year, and the social network has confirmed that they aren’t looking for a replacement.

Facebook says it has “embedded security” throughout the company, but it seems to me that they might want to reconsider having one guy in overall charge, rather than just waving a large wad of cash at security firms keen to be acquired.

About the author, Graham Cluley

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.

2 Responses

Let’s ask Nick Clegg, Graham? Facebook’s new Head of Global Affairs and Communications. Wow! There’s a job for a chap who is experienced at ‘explaining’ why he did a U-turn on tuition fees and propped up the Tories who took us into the Brexit debacle! Let’s ask him what he’s got to say about Massive Data Breaches, Facebook’s camera portal ‘watching you’ for targeted ads, and of course how it will retain highly disgruntled key staff from its acquisitions.

There’s an argument, surely, for wanting to use one’s security skills to help to secure and protect an enormous user base? Who amongst us hasn’t worked for or with companies with questionable ethics at one stage or another? Let’s also not overlook those who are just starting out and are over the moon to have a paid job in this industry - plenty of people don’t have the options that you might enjoy Graham.

Facebook’s business practices are highly questionable at times (I have not had a Facebook account for about 5 years) but I don’t see them going anywhere soon. It would be great to hear that some heavy hitters in the industry were willing to put their egos and pride to one side to take on a problem of this magnitude.